- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) [X] Responsive to communication(s) filed on 22 April 2004.
2a) [X] This action is FINAL. 2b) [ ] This action is non-final.
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.
5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 21-27 is/are rejected.
7) [ ] Claim(s) is/are objected to.

Application Papers

DETAILED ACTION

1. Claims 1-28 have been presented for examination. Claims 1-20 have been canceled and 
new claims 21-28 have been added in a preliminary amendment filed 02/29/2000. Claim 28 has 
been canceled in an amendment filed 04/22/2004. Claims 21-27 have been examined. 

Priority 

2. Acknowledgment is made that the instant application is a division of Application No. 
07/479,666, filed 02/13/1990, now U.S. Patent No. 6,507,909 B1.

Drawings 

3. The drawings were received on 04/22/2004. These drawings are approved. 

Response to Arguments 

4. Applicant's arguments filed 04/22/2004 have been fully considered but they are not 
persuasive. 

5. As per claims 21-26, in response to applicant's apparent argument that the reference, 
Atalla, U.S. Patent No. 4,315,101 A, fails to show certain features of applicant's invention, it is 
noted that the features upon which applicant relies (i.e., improving security on a single computer 
station, allowing a user to distinguish between actual and emulated trusted paths, and a parsed 
command) are not recited in the rejected claims. Although the claims are interpreted in light of 
the specification, limitations from the specification are not read into the claims. See In re Van 
Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993).

6. As per claims 21-27, Atalla, U.S. Patent No. 4,315,101 A, does disclose the step of
displaying the process identifier to the user (see column 8, lines 31-44; an authorized individual
is able to control a transaction with the aid of previously established files in the correspondent
office; see column 8, lines 7-12; figure 6, item 110; output is generated upon favorable
comparison of the two ACK-TRAC signals in the comparator is an indication of completion of
the transaction which was initiated by the individual; see column 9, lines 26-28; an ACK-TRAC
signal providing an indication at office A that the requested transaction process was completed at
office B; see column 14, lines 15-18; figure 12, item 253; the enabling signal signifies an
authorized user completion of directions; see figure 12; "PAY INVOICE NO."; see figure 13;
"MONEY OUT"). 

7. As per claims 21-27, Atalla, U.S. Patent No. 4,315,101 A, additionally refers to prior art 
disclosing displaying to the user which his invention extends. The author of a prior art reference 
used in a grounds of rejection may refer to extrinsic evidence to explain, but not expand, the 
meaning of his reference. See In re Baxter Travenol Labs, 21 USPQ2d 1281, 1282 (Fed. Cir. 
1991) and MPEP § 2131.01 II. Here, Atalla describes how his invention (see Atalla, U.S. Patent
No. 4,315,101 A, column 1, lines 56-63) improves security over the prior art such as Anderson et
al., U.S. Patent No. 3,956,615 A (see Atalla, U.S. Patent No. 4,315,101 A, column 1, lines 20-36).
Anderson et al. further point out a user communication subsystem with a visual display (see
column 8, lines 26-34; figure 2, item 72) and displaying a process identifier to a user (see
Anderson et al., U.S. Patent No. 3,956,615 A, column 22, lines 16-21; displaying to the user the
message "TRANSFER $50.00 FROM SAVINGS ACCOUNT TO CHECKING ACCOUNT")
through a trusted path (see Anderson et al., U.S. Patent No. 3,956,615 A, column 21, lines 22-28;
an encrypted action byte). Thus, Atalla uses similar displaying activity on a visual monitor to a
user in his invention when he uses terms such as "indication" (see Atalla, U.S. Patent No. 
4,315,101 A, column 8, lines 7-12 and column 9, lines 26-28) and "signifies" (see Atalla, U.S. 
Patent No. 4,315,101 A, column 14, lines 15-18). 

8. As per claim 27, applicant's argument that Atalla does not disclose or suggest displaying 
a representation of the parsed command to the user for verification before the command is 
performed is incorrect. Atalla does describe that the authorized user is presented by an enabling 
signal (see column 14, lines 15-18; figure 12, items 233 and 253 and "PAY INVOICE NO.") 
where he verifies the signal to complete the transaction to prevent unauthorized manipulation of 
his account (see column 14, lines 19-24). 

Claim Rejections - 35 USC § 102 

9. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

10. Claims 21-26 and 28 are rejected under 35 U.S.C. 102(b) as being anticipated by Atalla, 
U.S. Patent No. 4,315,101 A. 

As per claims 21, 24/21, 25/21, 26/21, and 28/21, Atalla illustrates a method, an automatic
data processing machine programmed to execute a method, an automatic data processing
machine comprising means for performing a method, and program storage devices readable by
machine and tangibly embodying a representation of a program of instructions adaptable to be
executed by the machine to perform a method for verifying the existence of a trusted path, 
comprising: 

(a) upon login by a user (see column 6, lines 58-60; figure 6, items 87 and 83; the 
authorized person introduces his PIN via keyboard), assigning a process identifier to the user in 
the trusted computing environment (see column 7, lines 35-43; figure 6, items 97 and 101;
outputting ACK-TRAC at the remote location; see column 8, lines 7-12; figure 6, items 109 and 
107; where the ACK-TRAC signal is an indication of the completion of the transaction); 

(b) storing the assigned process identifier in trusted memory (see column 9, lines 26-34; 
storing instructions and acknowledgments as auditable records); 

(c) establishing a trusted path between the user and the trusted computing environment 
(see column 6, lines 58-60; the authorized person introducing his PIN to produce an input in a 
module to establish a trusted path; see column 6, lines 43-49; enabling the authorized individual
to control various secured transactions; column 7, lines 35-41; figure 6, items 97, 101, and 121; 
sending the ACK-TRAC signal from the encryption module; see column 9, lines 21-34; where 
acknowledgments are transmitted with substantial security against errors and unauthorized 
alterations); 

(d) through the trusted path, displaying the process identifier to the user (see column 8, 
lines 7-12; figure 6, item 110; output is generated upon favorable comparison of the two ACK- 
TRAC signals in the comparator is an indication of completion of the transaction which was 
initiated by the individual; see column 9, lines 26-28; provide an indication at office A that the 
requested transaction was completed at office B; see column 14, lines 15-18; figure 12, item 253;
the enabling signal signifies an authorized user completion of directions; see figure 12; "PAY
INVOICE NO."; see figure 13; "MONEY OUT"); and 

(e) upon the user's subsequent entry into the trusted environment (see column 9, lines 29- 
34; instructions and acknowledgements (i.e. the ACK-TRAC signal) in auditable records for 
subsequent examination), displaying the process identifier to the user through the trusted path 
(see column 8, lines 31-44; an authorized individual is able to control a transaction with the aid
of previously established files in the correspondent office; see column 8, lines 7-12; figure 6,
item 110; output is generated upon favorable comparison of the two ACK-TRAC signals in the
comparator is an indication of completion of the transaction which was initiated by the 
individual; see column 9, lines 26-28; an ACK-TRAC signal providing an indication at office A 
that the requested transaction process was completed at office B; see column 14, lines 15-18; 
figure 12, item 253; the enabling signal signifies an authorized user completion of directions; see 
figure 12; "PAY INVOICE NO."; see figure 13; "MONEY OUT"). 

As per claims 22, 24/22, 25/22, 26/22, and 28/22, Atalla further elaborates: 
that the process identifier is a randomly generated group of alphanumeric characters (see 
column 3, lines 44-49; figure 1A, items 13 and 15; a user identifier code produced from a
random number; see column 6, lines 64-68; column 7, lines 1-5; figure 5 A, items 83 and 91). 

As per claims 23, 24/23, 25/23, 26/23, and 28/23, Atalla additionally suggests: 
that the process identifier is pronounceable (see column 6, lines 50-57; figures 5A and 
5B, items MSGE and SEQ; that ACK-TRAC is encrypted from the message, such as an account
number, combined with a sequence number, such as date and time, all pronounceable pieces of
data). 

Claim Rejections - 35 USC § 103 

11. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

12. Claim 27 is rejected under 35 U.S.C. 102(b) as anticipated by or, in the alternative, under 
35 U.S.C. 103(a) as obvious over Atalla, U.S. Patent No. 4,315,101 A in view of National 
Institute of Standards and Technology, "DES Modes of Operation." 

As per claim 27, Atalla depicts an apparatus for executing a trusted command that is 
issued by a user and that is parsed by untrusted means to generate a parsed command (see 
column 6, lines 50-57; figures 5A and 5B, items MSGE and 83; a message indicating the type of 
transaction supplied to an encryption algorithm module; see column 4, lines 50-59; column 6,
lines 61-64; incorporating the National Bureau of Standards' encryption-decryption algorithm
which is the Federal Information Processing Standard approved by the U.S. Department of
Commerce, the Data Encryption Standard (DES)), comprising:

(a) trusted means for receiving the encrypted command via a trusted path (see column 7, 
lines 1-7; figure 6, item 89; transmitting the encrypted message as TRAC signal over a data link; 
see column 9, lines 29-34; where the instructions required to command a transaction are
transmitted with substantial security against errors and unauthorized alterations, and with ample
provisions for auditable records of the transaction); 

(b) means for displaying a representation of the encrypted command to the user for 
verification (see column 7, lines 35-41; figure 6, items 97 and 101; the ACK-TRAC signal resulting from
the encrypted message; see column 14, lines 15-18; figure 12, items 233 and 253 and "PAY
INVOICE NO."; the authorized user is presented by an enabling signal; see column 14, lines 19-24;
where he verifies the signal to complete the transaction to prevent unauthorized manipulation
of his account); and

(c) trusted means for executing the verified encrypted command (see column 14, lines 15-18;
enabling the gate to signal the authorized completion of the directions received from the
user). 

Atalla does not explicitly disclose the feature of parsing to generate a parsed command. 
However, this feature is deemed to be inherent to the apparatus of Atalla because the DES 
encryption algorithm requires dividing the data to be encrypted into 64-bit blocks. Because the 
missing descriptive matter of parsing is necessarily present to cause the system to function and 
because persons of ordinary skill in the art would recognize this necessary presence, the 
inherency of this missing feature is sufficiently established. See MPEP § 2112 and In re
Robertson, 169 F.3d 743, 745, 49 USPQ2d 1949, 1950-51 (Fed. Cir. 1999).

National Institute of Standards and Technology, "DES Modes of Operation" elaborates: 
parsing to generate a parsed command (see Section 1.1 Definitions, Abbreviations, and 
Conventions. DES INPUT BLOCK: a block that is entered into the DES device for either 
encryption or decryption of 64 bits in length). Therefore, it would have been obvious to one of
ordinary skill in the computer art at the time the invention was made to combine the apparatus of
Atalla with the parsing of the National Institute of Standards and Technology to map all possible
64-bit vectors onto itself (see Appendix A, ¶ 6).

Conclusion 

13. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing
date of this final action. 

Telephone Inquiry Contacts 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Justin T. Darrow whose telephone number is (703) 305-3872 and 
whose electronic mail address is justin.darrow@uspto.gov. The examiner can normally be
reached Monday-Friday from 8:30 AM to 5:00 PM.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Gilberto Barron, Jr., can be reached at (703) 305-1830. 

The fax number for Formal or Official faxes to Technology Center 2100 is (703) 872- 
9306. In order for a formal paper transmitted by fax to be entered into the application file, the 
paper and/or fax cover sheet must be signed by a representative for the applicant. Faxed formal 
papers for application file entry, such as amendments adding claims, extensions of time, and 
statutory disclaimers for which fees must be charged before entry, must be transmitted with an 
authorization to charge a deposit account to cover such fees. It is also recommended that the 
cover sheet for the fax of a formal paper have printed "OFFICIAL FAX". Formal papers 
transmitted by fax usually require three business days for entry into the application file and 
consideration by the examiner. Formal or Official faxes including amendments after final 
rejection (37 CFR 1.116) should be submitted to (703) 872-9306 for expedited entry into the
application file. It is further recommended that the cover sheet for the fax containing an 
amendment after final rejection have printed not only "OFFICIAL FAX" but also 
"AMENDMENT AFTER FINAL". 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).

Any inquiry of a general nature or relating to the status of this application should be
directed to the Group receptionist whose telephone number is (703) 305-3900. 



June 10, 2004



JUSTIN T. DARROW 
PRIMARY EXAMINER 
TECHNOLOGY CENTER 2100 



